<?php
/* -------------------------------------------------------------------------------------
* 	ID:						$Id: order_update_order.php 460 2014-01-30 15:38:46Z phone.mueller@googlemail.com $
* 	Letzter Stand:			$Revision: 460 $
* 	zuletzt geaendert von:	$Author: siekiera $
* 	Datum:					$Date: 2014-01-30 15:38:46 +0000 (Thu, 30 Jan 2014) $
*
* 	SEO:mercari by Siekiera Media
* 	http://www.seo-mercari.de
*
* 	Copyright (c) since 2011 SEO:mercari
* --------------------------------------------------------------------------------------
* 	based on:
* 	(c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
* 	(c) 2002-2003 osCommerce - www.oscommerce.com
* 	(c) 2003     nextcommerce - www.nextcommerce.org
* 	(c) 2005     xt:Commerce - www.xt-commerce.com
*
* 	Released under the GNU General Public License
* ----------------------------------------------------------------------------------- */
require_once(DIR_FS_INC.'inc.build_order_id.php');

if(isset($_GET['download'])) {
	foreach($_POST['download'] AS $id => $value)
		if($value > 0)
			$db->db_query("UPDATE orders_products_download SET download_count = '".(int)$value."' WHERE orders_products_download_id = '".(int)$id."'");
		
	$message_stack->add_session('Download wurde wieder aktiviert', 'success');
	redirect(href_link(FILENAME_ORDERS, get_all_get_params(array ('action')).'action=edit&oID='.$_GET['oID']));
}

if(isset($_POST['oids']))
	$oids = $_POST['oids'];
else
	$oids = $_GET['oID'];
	
$status = $_POST['status'];
$comments = $_POST['comments'];
$order_updated = false;

for($i = 0, $n = sizeof($oids); $i < $n; $i++) {
	if($_GET['action'] == 'multi_status')
		$oID = $oids[$i];
	else
		$oID = $oids;

	$check_status = $db->db_query("SELECT 
										customers_name, 
										customers_email_address, 
										orders_status, 
										date_purchased 
									FROM 
										".TABLE_ORDERS." 
									WHERE 
										orders_id = ".$oID."");
	
	if($check_status->fields['orders_status'] != $status || $comments != '') {
	
		if($_POST['notify'] == 'on' || $status==2) {
			$customer_notified = ($_POST['notify'] == 'on' ? '1' : '0');
			$notify_comments = '';
			if($_POST['notify_comments'] == 'on')
				$notify_comments = $comments;
			else
				$notify_comments = '';

      //$forwarding_to = ($status==2 ? 'produktion@bm-sofort.de' : '');
      $forwarding_to = ($status==2 ? 'd.mueller@itdotmedia.de' : '');

      $to_email_address = ($_POST['notify'] == 'on' ? $check_status->fields['customers_email_address'] : $forwarding_to); 
      $to_email_name = ($_POST['notify'] == 'on' ? $check_status->fields['customers_name'] : 'Produktion');
			
			if ($_POST['notify'] !== 'on') $to_email_address = ''; // turn of status mail
			
			$smarty->assign('NAME', $check_status->fields['customers_name']);
			$smarty->assign('ORDER_NR', build_order_id($check_status->fields['date_purchased'], $oID, 'confirm') );
			$smarty->assign('ORDER_ID', build_order_id($check_status->fields['date_purchased'], $oID, 'confirm') );
			$smarty->assign('ORDER_LINK', catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id='.$oID, 'SSL'));
			$smarty->assign('ORDER_DATE', date_long($check_status->fields['date_purchased']));
			$smarty->assign('NOTIFY_COMMENTS', nl2br($notify_comments));
			$smarty->assign('ORDER_STATUS', $orders_status_array[$status]);
			
			$smarty->caching = false;
			require_once (DIR_FS_INC.'inc.get_mail_body.php');
			$html_mail = $smarty->fetch('html:change_order');
			$html_mail .= $signatur_html;
			$txt_mail = $smarty->fetch('txt:change_order');
			$txt_mail .= $signatur_text;
			require_once (DIR_FS_INC.'inc.get_mail_data.php');
			$mail_data = get_mail_data('change_order');
			
			$email_change_order_subject = str_replace('{$nr}', build_order_id($check_status->fields['date_purchased'], $oID, 'confirm'), $mail_data['EMAIL_SUBJECT']);
	    $email_change_order_subject = str_replace('{$date}', date_long($check_status->fields['date_purchased']), $email_change_order_subject);
			$email_change_order_subject = str_replace('{$name}',$check_status->fields['customers_name'], $email_change_order_subject);
			
			$email_change_order_name = str_replace('{$shop_name}', STORE_NAME, $mail_data['EMAIL_ADDRESS_NAME']);
			$email_change_order_name = str_replace('{$shop_besitzer}', STORE_OWNER, $email_change_order_name);
			
			if ($to_email_address != '') {
  			php_mail(
          $mail_data['EMAIL_ADDRESS'],
          $email_change_order_name,
          $to_email_address,
          $to_email_name,
          ($to_email_address == $forwarding_to ? '' : $forwarding_to),
          $mail_data['EMAIL_REPLAY_ADDRESS'], 
          $mail_data['EMAIL_REPLAY_ADDRESS_NAME'],
          $pdf_pfad,
          $pdf_name,
          $email_change_order_subject,
          $html_mail,
          $txt_mail );
      }
		}
			
		$db->db_query("UPDATE ".TABLE_ORDERS." SET orders_status = ".$status.", last_modified = NOW() WHERE orders_id = ".$oID);
		$db->db_query("INSERT INTO ".TABLE_ORDERS_STATUS_HISTORY." (orders_id, orders_status_id, date_added, customer_notified, comments) VALUES (".$oID.", ".$status.", NOW(), '".$customer_notified."', '".$comments."')");
	
		$order_updated = true;
	}
}

if($order_updated) {
### BEGIN - CALL NOVALNET PAYGATE TO UPDATE THE BOOKING STATUS ###
$payment_method = $order->info['payment_method'];

#print $_POST['status'].", $payment_method"; exit;
if($_POST['status']==3 && substr($payment_method, 0, 8)=='novalnet') {
  $tid_string = $order->info['comments'];
  $aryTmp = explode('Novalnet Transaction ID :', $tid_string);
  $aryTmp = explode(' ', $aryTmp[1]);
  $tid = trim($aryTmp[1]);
  if($tid)
  {
    $aryNNConfigKeys = array();
    $aryNNConfigValues = array();

    if($payment_method=='novalnet_cc')
    {
      $key = '6';
      $aryNNConfigKeys = array('MODULE_PAYMENT_NOVALNET_CC_VENDOR_ID', 'MODULE_PAYMENT_NOVALNET_CC_AUTH_CODE', 'MODULE_PAYMENT_NOVALNET_CC_PRODUCT_ID', 'MODULE_PAYMENT_NOVALNET_CC_TARIFF_ID');
    }
    elseif($payment_method=='novalnet_cc3d')
    {
      $key = '6';
      $aryNNConfigKeys = array('MODULE_PAYMENT_NOVALNET_CC3D_VENDOR_ID', 'MODULE_PAYMENT_NOVALNET_CC3D_AUTH_CODE', 'MODULE_PAYMENT_NOVALNET_CC3D_PRODUCT_ID', 'MODULE_PAYMENT_NOVALNET_CC3D_TARIFF_ID');
    }
    elseif($payment_method=='novalnet_elv_de')
    {
      $key = '2';
      $aryNNConfigKeys = array('MODULE_PAYMENT_NOVALNET_ELV_DE_VENDOR_ID', 'MODULE_PAYMENT_NOVALNET_ELV_DE_AUTH_CODE', 'MODULE_PAYMENT_NOVALNET_ELV_DE_PRODUCT_ID', 'MODULE_PAYMENT_NOVALNET_ELV_DE_TARIFF_ID');
    }
    elseif($payment_method=='novalnet_elv_at')
    {
      $key = '8';
      $aryNNConfigKeys = array('MODULE_PAYMENT_NOVALNET_ELV_AT_VENDOR_ID', 'MODULE_PAYMENT_NOVALNET_ELV_AT_AUTH_CODE', 'MODULE_PAYMENT_NOVALNET_ELV_AT_PRODUCT_ID', 'MODULE_PAYMENT_NOVALNET_ELV_AT_TARIFF_ID');
    }

    foreach($aryNNConfigKeys as $conf_key => $conf_val) {
        $configuration_values = $db->db_query("SELECT configuration_value from " . TABLE_CONFIGURATION . " WHERE configuration_key = '$conf_val'");
        if($configuration_values->fields['configuration_value'])
          $aryNNConfigValues[] = $configuration_values->fields['configuration_value'];
    }

    if(count($aryNNConfigValues)>0)
    {
      $vendor_id = $aryNNConfigValues[0];
      $auth_code = $aryNNConfigValues[1];
      $product_id = $aryNNConfigValues[2];
      $tariff_id = $aryNNConfigValues[3];

      ### Process the payment to paygate ##
      $nn_url = 'https://payport.novalnet.de/paygate.jsp';
      $nn_urlparam = "vendor=$vendor_id&auth_code=$auth_code&product=$product_id&key=$key&tariff=$tariff_id&tid=$tid&status=100&edit_status=1";
      #print "$nn_urlparam"; exit;

      ### Realtime accesspoint for communication to the Novalnet paygate ###
      $ch = curl_init($nn_url);
      curl_setopt($ch, CURLOPT_POST, 1);  // a non-zero parameter tells the library to do a regular HTTP post.
      curl_setopt($ch, CURLOPT_POSTFIELDS, $nn_urlparam);  // add POST fields
      curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);  // don't allow redirects
      curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);  // decomment it if you want to have effective ssl checking
      curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);  // decomment it if you want to have effective ssl checking
      curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);  // return into a variable
      curl_setopt($ch, CURLOPT_TIMEOUT, 240);  // maximum time, in seconds, that you'll allow the CURL functions to take

      ## establish connection
      $data = curl_exec($ch);

      ## determine if there were some problems on cURL execution
      $errno = curl_errno($ch);
      $errmsg = curl_error($ch);

      ###bug fix for PHP 4.1.0/4.1.2 (curl_errno() returns high negative value in case of successful termination)
      if($errno < 0) $errno = 0;
      ##bug fix for PHP 4.1.0/4.1.2

      #close connection
      curl_close($ch);
    }
  }
}
        
	$message_stack->add_session(SUCCESS_ORDER_UPDATED, 'success');
} else
	$message_stack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');
?>